Bugtraq mailing list archives

Re: denial of service - inetd on solaris 2.4?

From: Peter-Skopp () deshaw com (Peter Skopp)
Date: Mon, 27 May 1996 14:33:51 -0400

According to Brad Powell:

You should probably just turn off echo, discard, daytime and chargen


You should turn off echo, daytime, chargen and time (at least), but there
is really no need to turn off discard.

You only need to turn off UDP based services which elicit responses (or
error messages) when attached to another service which is feeding it "crap".

Any combination of echo, time, daytime, and chargen will loop (although
echo <-> echo requires the spoofed packet to have an initial payload).

The DOS comes in b/c echo of these services will elicit a response given
a packet from any of these services, so the 2 programs will play ping pong
with each other.

The discard service will just read the packet and discard it (as its name
implies), so the DOS attack outlined in CERT CA-96:01 doesn't hold with
discard, and it is safe to keep it in your inetd.conf file.

Peter Skopp

Current thread:

denial of service - inetd on solaris 2.4? Justin Beech (May 23)
- Re: denial of service - inetd on solaris 2.4? Casper Dik (May 24)
- <Possible follow-ups>
- Re: denial of service - inetd on solaris 2.4? Brad Powell (May 24)
  - Re: denial of service - inetd on solaris 2.4? Jack Flory (May 24)
  - Re: denial of service - inetd on solaris 2.4? Brett Lymn (May 26)
  - netscape remote control - so what? Justin Beech (May 26)
    - Re: netscape remote control - so what? martinh () mailhost emap co uk (May 28)
- Re: denial of service - inetd on solaris 2.4? Peter Skopp (May 27)